package org.sample.sss.intercepter;

import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class SecureIntercepter implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String loginUsername = (String)request.getSession().getAttribute("loginUsername");
        String requestURI = request.getRequestURI();
        if(!StringUtils.isEmpty(loginUsername)) {
            System.out.println("has privalige to access url=" + requestURI);
            return true;
        }

        request.getSession().setAttribute("accessUrl", requestURI);
        System.out.println("403 no access privalige requestURI=" + requestURI);
        response.sendRedirect("/login.jsp");
        return false;
    }
}
